The paper presents a framework methodology for identifying the real website is vulnerable to code injection attack, our proposed methodology gives a solution for thousands of websites to identify their vulnerability against code injection attacks, so it can help the administrator of the website by checking his own website and knows if it is vulnerable to code injection attacks. There are not too many researchers about this subject because most of the cyber security researchers are about detecting and protecting against the malware, the good thing in this research is that it can provide a self-checking protection for every website, so the administrator can know if his website needs to get more protection support against malware or if the anti-malware that the administrator is using for protection against code injection attack is enough. The framework that presented in this paper can do a code injection attacks such as SQL injection and XSS attacks by itself to check whether the website is vulnerable to code injection attack. The checking methodology is contained all ways that the attacker can do to success his code injection attack, so it gives a precision checking for the website whether is vulnerable against code injection attack or no. By this way, we can protect many of websites against hackers that using code injection attack to make damage such as stealing or deleting or altering important data from website systems.
|Title of host publication||Proceedings of the 1st International Conference on Machine Learning and Data Engineering|
|Number of pages||9|
|Publication status||Published - 2017|
|Event||1st International Conference on Machine Learning and Data Engineering: iCMLDE 2017 - Western Sydney University, Parramatta, Sydney, Australia|
Duration: 20 Nov 2017 → 22 Nov 2017
http://2017.icmlde.net.au/Home.aspx (Conference website)
http://2017.icmlde.net.au/Proceedings.aspx (Conference proceedings)
|Conference||1st International Conference on Machine Learning and Data Engineering|
|Period||20/11/17 → 22/11/17|
|Other||1st International Conference on Machine Learning and Data Engineering, Sydney, 2017 (iCMLDE 2017) will bring international and national experts in Artificial Intelligence, Computer Vision, Machine Learning and Data Engineering researcher to Sydney to present and share their latest research and practice. iCMLDE 2017 will be held in Sydney, which is one of the largest cities in Australia. The conference is supported by Global Circle for Scientific, Technological and Management Research (GCSTMR) and Science, Technology and Management Crest, Australia (STAMCA). GCSTMR endeavors to create a platform for young researchers to exchange ideas and share information with experts in their respective fields. GCSTMR encourages and facilitates trans-national collaborations among its members and associates in research, training and professional activities. Multidisciplinary international conference series run by GCSTMR open vast opportunities for researchers to interact on the global platform and take advantage of knowledge sharing in the digital arena. |
iCMLDE 2017 will be held at Western Sydney University’s Parramatta campus, which is situated 20km from the Sydney CBD and is well connected by rail, road and ferry networks. The traditional landmarks of Sydney including Sydney Harbour, Sydney Opera House and Harbour Bridge are within easy reach of the conference venue as is the Blue Mountains World Heritage National Park.
Alnabulsi, H., & Islam, MD. R. (2017). Identification of susceptible websites from code injection attack. In Proceedings of the 1st International Conference on Machine Learning and Data Engineering (pp. 1-9) http://www.icmlde.net.au/proceedings/1st/30_ICMLDE2017.pdf